path: root/contrib/tor.spec.in
blob: 5d9c1356d7ac401ebc3c7f0728655a2213a17375 (plain)
%define  rellevel 2
%define  relbase std.%{rellevel}
%define  rhrel %([ -f /etc/redhat-release ] && (sed -e 's/^Red Hat Linux release //' -e 's/ .*$//' -e 's/\\./_/g' -e 's/^.*$/.rh&/' < /etc/redhat-release))
%define  blddate %(date -u +"%Y%m%d%H%M")
%define  release %{relbase}%{rhrel}.%{blddate}

%define  initdir /etc/rc.d/init.d

Summary: tor: anonymizing overlay network for TCP
Name: tor
Version: @VERSION@
Vendor: R. Dingledine <arma@seul.org>
Release: %{release}
License: BSD-like
Group: Applications/Internet
URL: http://freehaven.net/tor/

Source0: http://freehaven.net/tor/dist/tor-%{version}.tar.gz

Requires(pre): shadow-utils, /usr/bin/id, /bin/date, /bin/sh
Requires(pre): %{_sbindir}/useradd, %{_sbindir}/groupadd

BuildRoot: %{_tmppath}/%{name}-%{version}-%{relbase}-root

%description
Tor is a connection-based low-latency anonymous communication system which
addresses many flaws in the original onion routing design.

In brief, Onion Routing is a connection-oriented anonymizing communication
service. Users choose a source-routed path through a set of nodes, and
negotiate a "virtual circuit" through the network, in which each node
knows its predecessor and successor, but no others. Traffic flowing down
the circuit is unwrapped by a symmetric key at each node, which reveals
the downstream node.

Basically Tor provides a distributed network of servers ("onion
routers"). Users bounce their tcp streams (web traffic, ftp, ssh, etc)
around the routers, and recipients, observers, and even the routers
themselves have difficulty tracking the source of the stream.

Note that Tor does no protocol cleaning.  That means there is a danger that
application protocols and associated programs can be induced to reveal
information about the initiator.  Tor depends on Privoxy and similar protocol
cleaners to solve this problem.

Client applications can use the Tor network by connecting to the local
onion proxy.  If the application itself does not come with socks support
you can use a socks client such as tsocks.  Some web browsers like mozilla
and web proxies like privoxy come with socks support, so you don't need an
extra socks client if you want to use Tor with them.

Remember that this is alpha code, and the network is very small -- Tor will
not provide anonymity currently.

This package provides the "tor" program, which serves as both a client
and a relay node. Scripts will automatically create a "tor" user and
group, set tor up to run as a daemon, and automatically start it at
installation time.

%prep
%setup -q

# Patch the startup script to use the right user and group IDs. Make su
# run the daemon under /bin/sh, because the "tor" account is created
# with a non-login shell (/sbin/nologin or /bin/false) at install time.
ed -s contrib/tor.sh.in << '/EOF/' > /dev/null
,s/^TORUSER=$/TORUSER=tor/
,s/^TORGROUP=$/TORGROUP=tor/
,s:/bin/su:/bin/su -s /bin/sh:
#
# Save and exit ed
w
q
/EOF/

%build
%configure
%__make

%install
%makeinstall

# Install init script.
%__mkdir_p ${RPM_BUILD_ROOT}%{initdir}
%__install -m 755 contrib/tor.sh ${RPM_BUILD_ROOT}%{initdir}/tor

# Directories that don't have any preinstalled files
%__mkdir_p -m 700 ${RPM_BUILD_ROOT}/var/lib/tor
%__mkdir_p -m 755 ${RPM_BUILD_ROOT}/var/run/tor
%__mkdir_p -m 755 ${RPM_BUILD_ROOT}/var/log/tor

%clean
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}

%pre
[ -f %{initdir}/tor  ] && /sbin/service tor stop
if [ ! -n "`/usr/bin/id -g tor 2>/dev/null`" ]; then
    # One would like to default the GID, but doing that properly would
    # require thought.
    %{_sbindir}/groupadd tor 2> /dev/null
fi
if [ ! -n "`/usr/bin/id -u tor 2>/dev/null`" ]; then
    # One would also like to default the UID, but doing that properly would
    # also require thought.
    if [ -x /sbin/nologin ]; then
        %{_sbindir}/useradd -r -g tor -d / -s /sbin/nologin tor 2> /dev/null
    else
        %{_sbindir}/useradd -r -g tor -d / -s /bin/false tor 2> /dev/null
    fi
fi

%post
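/sbin/chkconfig --add tor
# Start tor only if the service is enabled. Using "if" keeps a disabled
# service from making this scriptlet exit non-zero.
if /sbin/chkconfig tor; then
    /sbin/service tor start
fi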

%preun
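# $1 is 0 only on final removal. On an upgrade this scriptlet runs after
# the new package's post-install script, so stopping and deregistering
# the service here would leave tor down after every upgrade.
if [ "$1" = 0 ]; then
    /sbin/chkconfig tor && /sbin/service tor stop
    /sbin/chkconfig --del tor
fi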

%files
%defattr(-,root,root)
%doc AUTHORS INSTALL LICENSE README
%{_mandir}/man*/*
%{_bindir}/tor
%{_bindir}/torify
%{initdir}/tor
%dir %{_sysconfdir}/tor/
%config(noreplace) %{_sysconfdir}/tor/torrc
%config(noreplace) %{_sysconfdir}/tor/dirservers
%config(noreplace) %{_sysconfdir}/tor/tor-tsocks.conf
%attr(-,tor,tor) %dir /var/lib/tor
%attr(-,tor,tor) %dir /var/run/tor
%attr(-,tor,tor) %dir /var/log/tor

%changelog
* Sat Jan 17 2004 John Bashinski <jbash@velvet.com>
- Basic spec file; tested with Red Hat 9.